Legal
Privacy Policy
Last updated: February 2026
1. Who we are
SPRINKLING is an independent AI risk assessment service. We are not affiliated with the European Commission or any regulatory authority. References to "we", "us", or "our" refer to SPRINKLING.
2. Data we collect
We collect: your email address and password (for account creation), your company name (optional), and the answers you provide in our AI Act diagnostic questionnaire. We do not collect any special categories of personal data.
3. How we use your data
Your data is used solely to: provide and improve our assessment service, save your diagnostic results to your account, and communicate with you about your account. We never sell your data to third parties.
4. Data storage
Your data is stored securely on Supabase infrastructure within the European Union. All data is encrypted in transit (TLS) and at rest.
5. Your rights (GDPR)
Under the GDPR, you have the right to access, rectify, or delete your personal data at any time. To exercise these rights, contact us at privacy@sprinkling.ai.
6. Contact
For any privacy-related questions: contact us here.